GUEST ANALYSIS: Fraud Prevention Tips for Selling into the UK
By Kirsty Tull, Director Marketing & Communications for BillPro.com
The UK has seen rapid growth in internet fraud and identity theft over the past 3 years, according to a Privilege Insurance study reported in the Paypers and the Mirror. As UK consumers find themselves increasingly under attack by scammers using phishing emails, password cracking and other methods, merchants must keep their customers’ accounts safe and guard against fraudulent transactions.
Build trust with your customers
UK consumers most commonly become victims of information theft by clicking on pop-up windows that contain malware. As the media makes consumers more aware of this risk, they’re going to become more cautious of pop-ups. Your site will feel safer to security-savvy shoppers if you eliminate site pop-ups completely, or present them only rarely, and ensure that they are fully branded.
Phishing is another common tactic of information thieves. During the checkout process and on purchase receipts, assure your customers that no one from your company will ever ask for their account password via telephone or email. Include a direct telephone number that customers can call if they have any questions about the validity of communications from your store.
Make it difficult for thieves to copy your online store
Some consumers become victims when they visit copycat websites intended to look like existing businesses. These sites then collect and sell their data. Take steps to deter criminals from copying your site. When you establish the URL for your UK shop, also register domain names with variants such as .net, .uk, and .shop. It’s a good idea to register misspelled variations of your domain name too. You can redirect these to your main UK URL or park them to prevent scammers from using them.
Build good password security into your customer registration process
Consumers across Western Europe and North America often use insecure passwords, such as 12345, and they regularly use the same password for many accounts. The Mirror, reporting on the Privilege study, said more than 29 million people in the UK use the same password for all of their online accounts. This places them at risk of losing control of all their online information.
To reduce the risk that your customer’s accounts with your shop will be hacked, build password security requirements into your sign up steps. For example, you can require that customers choose a password with a minimum number of characters, numerals and special characters in order to register. You can also set up your system to lock customers’ accounts after a certain number of failed password attempts, to prevent hackers with customers’ email addresses from guessing until they match the passwords.
Strengthen your security and fraud screening practices
The steps described above can help your customers maintain secure accounts with your shop. Your e-commerce also needs up-to-date security and fraud screening tools to protect against thieves who target your shop directly. Your card payment processing system must maintain PCI-DSS compliance and your business should have a plan in place to deal with data breaches, including notification of your bank, card issuers, and customers.
Every merchant should use customizable transaction controls to flag orders that exceed a certain ticket value or occur with unusual frequency. You should also screen your transactions with a combination of continuously updated automated anti-fraud tools and manual verification of suspect transactions by fraud analytics. For most SMBs, it’s easiest and most cost-effective to do this via a payment processor that provides fraud prevention services.
Monitor UK fraud trends
Finally, remember that data protection is a process, not a one-time task. Merchants selling into the UK should follow Cifas, the UK’s national nonprofit organization dedicated to fraud and financial crime prevention. The group offers protective data registration for organizations, research and insights on the UK fraud landscape, and other useful information. It’s also crucial for EU-based merchants to watch for upcoming changes in payments and fraud-protection regulations and practices as the UK works towards its exit from the European Union.
Each of these steps takes money and time to implement, but they all work together make shopping safer for your UK customers and reduce your business’ exposure to fraud.